This article can also be found in the Premium Editorial Download "Information Security magazine: Five crucial virtualization do's and don'ts."
Download it now to read this article plus other related content.
Array Networks' SPX2000 VPN appliance is a full-featured VPN designed for small- and medium-sized businesses.
It's a cost-effective SSL VPN system, which provides users with flexible and simplified secure access to email, file shares and chosen applications. The SPX2000 is a plug-and-play solution that enables quick and efficient configuration of VPN parameters and provides a high-performance "in-office" experience for an increasingly mobile workforce.
The SPX 2000 stacks up well against the competition, competitively priced with up to 500 concurrent connections, which is more than most SSL VPN appliances that are designed for the small- and medium-sized business market.
Setting up the device does not take much effort, but could be simpler, especially for people who don't have a background in Cisco-like interfaces. However, we completed the first part of the device setup without looking at documentation.
The first step requires connecting to the device via serial cable and using a terminal program (such as Windows HyperTerminal).
Having Cisco terminal experience will make this part easier. Once the interfaces are configured, you're able to log in to the Web application to continue the configuration.
We would have found it very helpful to have an LCD screen and controls on the front of the appliance that could configure the addresses, then complete the rest of the setup through the Web interface.
The Web GUI is set up well, and we found it quite easy to figure out, thanks in large part to built-in PDF help documents, which are available through the interface. The only issue we encountered with the GUI was that it would sometimes become unresponsive, requiring us to log in again. We weren't able to track down the issue, but it was an annoyance.
Many companies will like having Array Networks' embedded NAC-like function, which verifies the integrity of the endpoint, including antivirus software, personal firewall, service pack, and patch/hotfix policies. Needless to say, this adds some of the complexity that comes with the territory, but is an attractive feature for companies looking to implement NAC capability.
This was first published in June 2008